2 <link rel=
"help" href=
"https://wicg.github.io/FedCM">
3 <script src=
"/resources/testharness.js"></script>
4 <script src=
"/resources/testharnessreport.js"></script>
5 <script src=
"/common/get-host-info.sub.js"></script>
10 import {fedcm_test, set_fedcm_cookie} from './support/fedcm-helper.sub.js';
12 const host = get_host_info();
13 // This regex removes the filename from the path so that we just get
15 const basePath = window.location.pathname.replace(/\/[^\/]*$/, '/');
16 const remoteBaseURL = host.HTTPS_REMOTE_ORIGIN + basePath;
17 const localhostBaseURL =
"http://localhost:" + host.HTTP_PORT + basePath;
19 async function createIframeAndWaitForMessage(test, iframeUrl, setPermissionPolicy) {
20 const messageWatcher = new EventWatcher(test, window,
"message");
21 var iframe = document.createElement(
"iframe");
22 iframe.src = iframeUrl;
23 if (setPermissionPolicy) {
24 iframe.allow =
"identity-credentials-get";
26 document.body.appendChild(iframe);
27 const message = await messageWatcher.wait_for(
"message");
31 fedcm_test(async t =
> {
32 const message = await createIframeAndWaitForMessage(
33 t, remoteBaseURL +
"support/fedcm-iframe.html",
34 /*setPermissionPolicy=*/false);
35 assert_equals(message.result,
"Fail");
36 assert_equals(message.errorType,
"NotAllowedError");
37 },
"FedCM disabled in cross origin iframe without permissions policy");
39 fedcm_test(async t =
> {
40 const message = await createIframeAndWaitForMessage(
41 t, remoteBaseURL +
"support/fedcm-iframe-level2.html",
42 /*setPermissionPolicy=*/true);
43 assert_equals(message.result,
"Pass");
44 assert_equals(message.token,
"token");
45 },
"FedCM enabled in 2 level deep nested iframe. FedCM should be enabled regardless of iframe nesting depth");
47 fedcm_test(async t =
> {
48 const message = await createIframeAndWaitForMessage(
49 t, remoteBaseURL +
"support/fedcm-iframe-level2.html",
50 /*setPermissionPolicy=*/false);
51 assert_equals(message.result,
"Fail");
52 assert_equals(message.errorType,
"NotAllowedError");
53 },
"FedCM disabled in 2 level deep nested iframe where middle iframe does not have permission policy");
55 fedcm_test(async t =
> {
56 const message = await createIframeAndWaitForMessage(
57 t, remoteBaseURL +
"support/fedcm-iframe-level2.html?permission=0",
58 /*setPermissionPolicy=*/true);
59 assert_equals(message.result,
"Fail");
60 assert_equals(message.errorType,
"NotAllowedError");
61 },
"FedCM disabled in 2 level deep nested iframe where innermost iframe does not have permission policy");
63 fedcm_test(async t =
> {
64 // This is only an iframe because there's no other way to have this URL
65 // loaded from localhost.
66 const message = await createIframeAndWaitForMessage(
67 t, localhostBaseURL +
"support/fedcm-iframe.html",
68 /*setPermissionPolicy=*/true);
69 assert_equals(message.result,
"Pass");
70 assert_equals(message.token,
"token");
71 },
"FedCM should work in non-HTTPS URLs on localhost");